<?php 
session_start();
header("Content-Type: text/html;charset=utf-8");
require_once '/inc/conn.php';
require_once '/inc/getCientIP.php';

?>

<HTML><HEAD>

<TITLE>
oa系统
</TITLE>
<link rel="shortcut icon" href="favicon.ico" /> 
<LINK 
rel=stylesheet type=text/css href="css/login_style.css">
<SCRIPT type=text/javascript src="../js/login.js">


</SCRIPT>

<META name=GENERATOR content="MSHTML 8.00.6001.19258">
</HEAD>
<BODY id=login>
<FORM id=loginForm onSubmit="return check(this)" method=post action="login.php">
<H3>飞哥OA管理系统</H3>
<LABEL><SPAN>管理帐号：</SPAN>
<INPUT id=username class=input maxLength=20 type=text name="username"> </LABEL>
<LABEL><SPAN>登录密码：</SPAN>
<INPUT id=password class=input maxLength=20 type=password name="password"> </LABEL>
<LABEL><SPAN>验 证 码：</SPAN>
<INPUT id=num class=input2 maxLength=5 type=text name="num"> 
&nbsp;&nbsp;
<IMG style="CURSOR: pointer" title='看不清，请单击刷新验证码 ' style="cursor:pointer" 
src="inc/code.php" onclick="(this).src='inc/code.php?'+Math.random();"> 
</LABEL>
<DIV id=submit><INPUT class=bt value="" src="images/login.png" 
type=image name=aa> <INPUT id=act value=2 type=hidden name=act> </DIV>
<P id=siteCopyRight>飞哥科技有限公司版权所有 2012 </P>
<?php

if(isset($_POST["act"])){	

$num=$_POST["num"];
$username=addslashes(trim($_POST["username"]));
$password=md5(addslashes(trim($_POST["password"])));
	if( $num!=$_SESSION['code'] ) {
		echo "<script language='javascript'>alert('验证码错误！');</script>";
	 } 

	   if($num==$_SESSION['code']&&!empty($username)&&!empty($password)){
		
		$sqlstr="select * from login_user where user_acc='".$username."' and user_pwd='".$password."' ";
		$result=$oa->query($sqlstr);
	 	//print_r($result);
		$row=mysql_fetch_row($result);	
		if($row){
			$_SESSION["username"]=$username;
			//更新最后一次时间和ip
			date_default_timezone_set('PRC');
			$last_time=strtotime(date('Y-m-d H:i:s'));
			$ip_get=new client_ip();
			$last_ip=$ip_get->GetIP();
			$time_ip="update login_user set last_time='$last_time',last_ip='$last_ip' where user_acc='$username'";
			$oa->query($time_ip);
			
			//统计用户登录次数
			$login_count=$row['6']+1;
			$oa->query("update login_user set login_count='$login_count' where user_acc='$username'");
			header('Location:index.php');
		}
		else{
			echo "<font color=red>用户名或者密码错误!</font>".mysql_error();
		}
	
      }
	

}

//$oa->close_db();
?>

</FORM>
</BODY>
</HTML>
